diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9c5ad2b..21b0b36 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,5 +1,8 @@ name: release on: [push, pull_request] +permissions: + contents: read + concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true @@ -21,45 +24,66 @@ jobs: - name: ๐Ÿงช Test run: bun test + build-release-artifact: + name: ๐Ÿ“ฆ Build release artifact + needs: [test] + runs-on: ubuntu-latest + permissions: + contents: read + if: ${{ github.repository == 'epicweb-dev/remember' && github.event_name == 'push' }} + steps: + - name: โฌ‡๏ธ Checkout repo + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 + + - name: โŽ” Setup node + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 + with: + node-version: lts/* + package-manager-cache: false + + - name: Install deps + run: npm install --ignore-scripts + + - name: Prepare package + run: npx -p typescript tsc --declaration --emitDeclarationOnly --allowJs --checkJs --downlevelIteration --module nodenext --moduleResolution nodenext --target es2022 --outDir . index.js + + - name: Upload package artifact + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 + with: + name: npm-package-artifact + path: index.d.ts + if-no-files-found: error + retention-days: 7 + release: name: ๐Ÿš€ Release - needs: [test] + needs: [build-release-artifact] runs-on: ubuntu-latest - if: - ${{ github.repository == 'epicweb-dev/remember' && - contains('refs/heads/main,refs/heads/beta,refs/heads/next,refs/heads/alpha', - github.ref) && github.event_name == 'push' }} permissions: contents: write # to be able to publish a GitHub release id-token: write # to enable use of OIDC for npm provenance issues: write # to be able to comment on released issues pull-requests: write # to be able to comment on released pull requests + if: ${{ github.repository == 'epicweb-dev/remember' && github.event_name == 'push' }} steps: - name: โฌ‡๏ธ Checkout repo - uses: actions/checkout@v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 - # I'd prefer to use bun, but I got this error when I tried using bunx instead of npx: - # error TS5042: Option 'project' cannot be mixed with source files on a command line. - # error: "tsc" exited with code 1 (SIGHUP) - # Also, I don't know how to use bun instead of node for semantic-release ๐Ÿคทโ€โ™‚๏ธ - name: โŽ” Setup node - uses: actions/setup-node@v6 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 with: - node-version: lts/* + node-version: 24 + registry-url: https://registry.npmjs.org + package-manager-cache: false - - name: ๐Ÿ“ฅ Download deps - uses: bahmutov/npm-install@v1 + - name: Download package artifact + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 with: - useLockFile: false - - - name: ๐Ÿ’ช Generate Types - run: - npx -p typescript tsc --declaration --emitDeclarationOnly --allowJs - --checkJs --downlevelIteration --module nodenext --moduleResolution - nodenext --target es2022 --outDir . index.js + name: npm-package-artifact + path: . - name: ๐Ÿš€ Release - uses: cycjimmy/semantic-release-action@v5.0.2 + uses: cycjimmy/semantic-release-action@ba330626c4750c19d8299de843f05c7aa5574f62 # v5.0.2 with: semantic_version: 25 branches: | @@ -73,3 +97,5 @@ jobs: ] env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + NPM_CONFIG_PROVENANCE: true + NPM_CONFIG_IGNORE_SCRIPTS: true